Facebook Google Menu Linkedin lock Pinterest Search Twitter

Advertisement

Online

Dec 9, 2010

Welcome to the internet wars

The attacks on WikiLeaks have sparked a war on the internet and it has immediately exposed has fragile key systems can be.

Share

Whoever christened the WikiLeaks saga the first major war over the internet was right. Quite apart from what you’re seeing in the mainstream media, the internet equivalent of a shooting war has broken out and shows no signs of dying down.

The online group Anonymous – usually, but somewhat erroneously christened “hacker activists” by the mainstream media – have launched a series of attacks on the websites of those associated with the campaign against Wikileaks and Julian Assange. Targets under “Operation Payback”, coordinated via an IRC channel and Twitter, have included Joe Lieberman’s website, Sarah Palin’s website and the website of the Swedish prosecution service responsible for handling the s-xual assault case against Assange.

In the last 24 hours, however, it’s stopped being quite so symbolic. Yesterday Anonymous coordinated a distributed denial of service attack on Mastercard’s corporate website, www.mastercard.com, and took it offline for several hours. More to the point, the attacks took Mastercard’s Securecode service offline as well, preventing transactions from being processed. The website has since got back online.

This morning it was Visa’s turn. Anonymous gave a full hour’s notice via its Twitter account @Anon-Operation that it was going to target Visa. At 8am, the tweet went out:

“TARGET: WWW.VISA.COM: FIRE FIRE FIRE!!! WEAPONS.”

They didn’t miss. The Visa site went down almost instantly, and stayed down for nearly three hours.

Twitter had by this stage woken up to the fact that its service was being used to coordinate DDOS attacks and suspended @anon_operation (Facebook had removed another Anonymous-related page earlier in the day). Anonymous was already using multiple accounts and immediately created another one, @anonops. Twitter’s action prompted participants to turn their attention to the service itself, and Twitter itself came under fire.

At that point, Anonymous appeared to secure a significant victory. Twitter was said to have advised that the deletion was “accidental” and restored the suspended account (minus previous tweets), although another ANonymous-related account remained suspended. The new account, @anonops, continued to operate. The attack on Twitter was then called off, and www.visa.com briefly went down again as the attack as redirected back at Visa.

A short while later the group declared via @anonops “IRC is not secure do not use unauthorized channels for operation #payback. We will announce next target here!! http://bit.ly/1hSngD #anonops”. Presumably law enforcement agencies had by this stage accessed the channel (it’s accessible if you know whom to ask and are happy to have the Federal Police start paying attention to you).

Meantime, in an unrelated development, PayPal had succumbed to criticism and released donations to Wikileaks.

Throughout, the mainstream media desperately tried to keep up. “Do you know more? email us” implored Fairfax, whose journalists took to haunting the birthplace of Anonymous, the 4chan site (warning – DEFINITELY NSFW) to find out what was going on. The coverage looked all a bit redundant, though, given much of what was going on was being played out under the Twitter hashtag #anonops.

This may look like a bunch of kids fooling around on the internet (one tweeter compared it to a “geek action movie”) but it’s altogether more serious than that. In the space of 24 hours two of the world’s key transactional sites have been taken offline. In the case of Visa, the company was actually given warning that it would be attacked, and yet it was still taken down for several hours. If we’re talking “critical infrastructure”, as per the WikiLeaks cables of earlier this week, we’ve had a clear demonstration of where it is on the internet.

This is the flipside of war against WikiLeaks being waged by the US Government and its proxies. Taking away its access to servers and taking away its financial conduits has undoubtedly harmed the organization – probably more so than arresting Julian Assange. It shows that, for all the decentralization of the internet, you can exploit the corporate control of key elements of the internet, particularly of financial transactions, to inconvenience or disrupt the operations of even an online entity. The further the balance tips toward private, corporate control of key online systems, the easier it becomes for governments – and other forces of centralised control, like large companies – to strike back at online opponents.

But it cuts both ways. The fragility of those transactional systems is suddenly on display with the successful attacks on Visa and Mastercard. Private control of key systems can be a vulnerability as well as a strength. And what’s been happening to key transactional systems in Australia in recent days? No one targeted NAB’s website – it managed to take itself offline without any help from “hacktivists”, causing massive financial disruption to its customers.

We’ve become dependent on online systems that are assumed to be both secure and resilient. Suddenly they look fragile, capable of disruption not just at the hands of Anonymous, but because of under-investment, or incompetence, or a single corrupted file.

There’ll doubtless be a lot of rubbish written about the Anonymous attacks, from both sides, in coming hours and days. There’ll be a strong sense of “the internet has fought back” from supporters, and law enforcement-flavoured outrage from opponents, governments and the mainstream media.

But at least one lesson is already clear – on the internet, the “critical infrastructure” may not be as resilient and stable as we all assume it is.

Advertisement

We recommend

From around the web

Powered by Taboola

22 comments

Leave a comment

22 thoughts on “Welcome to the internet wars

  1. Pete from Sydney

    may be time to head back to the safety of print…

  2. Dean

    Like (I imagine) many people, I’m somewhat conflicted about wikileaks itself.

    But these attacks by Anonymous seem like a pretty dumb idea to me. What do they think the outcome is going to be? If anything, all it will do is cement in the corporate minds of Visa and Mastercard that wikileaks is an “illegal” organisation and that they did the right thing in cutting them off.

    And so http://www.visa.com goes down for a few hours, so what? In the grand scheme of things, that’s a pretty paltry “attack”. The website comes back up after a few hours, then it’s business as usual again: sorry for the inconvenience.

    It just seems to me that this sort of thing harms wikileak’s image MUCH more than it helps.

  3. ParnassusMD

    DDoS attacks on HiVis sites like Mastercard/Visa/Paypal is more to do with propaganda and media attention than real damage to the online economy.
    The real story here is the apparent willingness of hundreds – potentially thousands – of individuals to ‘volunteer’ their computers to act as ‘Bots’ to conduct the DDoS attacks.
    With the instructions readily available online – even my 80 year old mother is capable of ‘volunteering’!

  4. Pete

    “the fact that its service was being used to coordinate DDOS attacks”
    orly? I found the tools and the setup info n everything without using Twitter. I’m not sure who’s wrong in stating this ‘fact’, Bernard or Twitter or AnonOps. Oh well. #andthereitrests

  5. Perry Gretton

    Modern warfare:

    ‘“TARGET: http://WWW.VISA.COM: FIRE FIRE FIRE!!! WEAPONS.”

    They didn’t miss. The Visa site went down almost instantly, and stayed down for nearly three hours.’

  6. ninetenthsofthelaw

    Suggesting the federal police are “paying attention” to everyone in the (numerous) IRC channels is either laughable, or these police have far too much time on their hands.

  7. zut alors

    How long before we rue the phasing out of bank passbooks…

  8. kennethrobinson2

    Help, can someone help this old warrior get in on the action, I really am not very computer savvy, but hell I would like to make my computer available to take down these , political masters, they are supposed to serve us, not the other way around.
    By crikey, lets take our country back, after we are the voters, and financiers of these people, next thing the Stars and Stripes will be flying over parliament house.

  9. bsg

    The internet is a living organism, its sort of self aware, and “anonymous” is part of its immune system (whether thats good or bad is debatable).

    The reason there has been so much “success” in taking wikileaks off-line (hosting, DNS) is that generally, those sort of actions – censorship – have not raised the ire of the net community in the past, due to the fact that no-one has really attempted to take sites offline.

    Now the community will adapt. anonymous has “chosen” to become more organized, and will rapidly out arms-race its opposition. Others will build infrastucture, or software, that will preserve wikileaks.

    Services on the internet are fragile? Of course they are. Protecting centralized services like that against concerted attack is probably impossible.

  10. Socratease

    @kennethrobinson2,

    Help, can someone help this old warrior get in on the action, I really am not very computer savvy, but hell I would like to make my computer available to take down these, political masters , they are supposed to serve us, not the other way around.

    Be careful what you wish for. Handing over the use of your PC for use as a remote robot of some unknown person is not a wise thing to do.

  11. The Pav

    Ironically, Getuop are seeking donations for an ad in the US papers.

    Contributions can be paid by credit card , Mastercard or Visa!

  12. michael l

    Anonymous is not an organisation, its embarrassing to read journalists continually making this mistake.

    Anonymous is just the huge userbase of the 4chan forums (the name comes from the fact that people don’t log in to post). There is no guiding motive, there are no leaders. Someone (anyone) can shout fire! and the users move like a herd.

  13. micae

    Paypal has now – rightly, in my view – released the money belonging to Wikileaks to Wikileaks –

    http://thenextweb.com/media/2010/12/09/caving-to-pressure-from-supporters-paypal-releases-wikileaks-funds/

  14. Matt Steadman

    Bernard / Crikey, I’d love to hear from Stigherran (sp? your tech guy) on these DDOS attacks and whether this may be the next step in an upping of the hacktivist ante…

    As I understand it, they aren’t the result of under-investment or incompetance as you suggest, but completely undefendable by even the largest of internet security companies. You can (I believe) “hire” massive botnets on the black market and basically do as you please. A sustained attack on the major payment organisations (Visa, Paypal et al) could bring internet commerce to its knees without any real cure.

  15. jeebus

    We’ve become dependent on online systems that are assumed to be both secure and resilient. Suddenly they look fragile, capable of disruption not just at the hands of Anonymous, but because of under-investment, or incompetence, or a single corrupted file.

    Perhaps they are your assumptions, but the Internet itself was designed precisely for the purpose of being resilient. Anybody who has a cursory interest in IT would be aware that it was created by DARPA as a network that could not be disrupted even in the event of major nuclear war.

    It has now grown to a global scope, and short of Santa Claus flying around the world Christmas night with a pair of scissors cutting billions of cables, it is more resilient than ever.

    Individual servers and websites may crash when they do not have the bandwidth to meet demand – be it millions of false requests from hackers, or millions of people trying to download the Paris Hilton s-x videos – but an attack of that nature does not damage or destroy the hardware itself, and has been shown not to be sustainable over the long term.

    I would also question whether there is a general assumption that the Internet is safe and secure. Yes, every day thousands of people get conned by Nigerian Princes and Viagra deals, but for the millions who don’t, receiving that spam reinforces the idea that the Internet can be a dodgy place.

  16. zut alors

    @ Micae, the market has spoken.

  17. meta_p

    @Jeebus

    I think perhaps you have misunderstood the point Bernard was trying to convey…

    The internet may very well be a resilient medium of communication fundamentally, but the protocols upon which the internet uses are widely subject to vulnerabilities. Bernard isn’t trying to say that ‘the internet isn’t stable or reliable anymore’, instead the point here is that the infrastructure upon which modern society relies (the inernet and the agencies that populate it, i.e. mastercard, visa and other financial institutions etc) is no longer reliable and/or resilient(albeit never was in the first place).

    Attacks like this may not have been sustained in the long term previously, but this cyber unit of politically aware internet users will only grow as the mass public becomes more and more outraged over the events of late and others to come, I’m sure..

    It’s a shame that the majority of people are too apathetic to stand up for paramount issues like these anymore. Change won’t happen unless people act, and for that I applaud anon.

  18. peterg

    paypal releases Wikileaks. hurray hurray! maybe now Wikileaks can pay Bradley Manning, from whom the documents arose..
    http://www.theregister.co.uk/2010/12/09/bradley_manning_wikileaks_no_help/

  19. Jak

    we’re all doomed

  20. AR

    Despite assurances, from those who purport to know, that the Net is, in the main, unbreakable, surely it relies on the service providers, telecoms, megaCorps & governments?
    I have never understood why people are willing to put large amounts of their life, manuscripts, photos, research or proclivities into ‘the Cloud’. Even with the best intentions, there will always be outages & breakdowns but more likely is that governments & corporations will always have control.
    Obey or do without.
    Somebody please disabuse me of this old fashioned belief, if possible.
    It was shown back in the mid 90s that the entire Customs network, then only just starting to use computers widely, could be shut down with a single axe blow in a cable tunnel beneath Pitt St (accessible by dozens of manholes using a bent bit of steel) and the occasional electrocuted squirrel shows the same vulnerability elswhere in the wired west.
    On a lighter note, 30 years after Lennon’s death, his song @Nobody Told Me (there’d be days like these) refers to the Great NY & East USA Blackout of 1964. The usual grand assurances that it couldn’t happen again (like WWI etc) rang hollow in 2003 and similar problems have hit Euroland & Oz due to interlinked grids. That’s ‘only’ electricity – think about the fragility of society when information is equally unavailable. Strange days indeed…

  21. AR

    Despite assurances, from those who purport to know, that the Net is, in the main, unbreakable, surely it relies on the service providers, telecoms, megaCorps & governments?
    I have never understood why people are willing to put large amounts of their life, manuscripts, photos, research or proclivities into ‘the Cloud’. Even with the best intentions, there will always be outages & breakdowns but more likely is that governments & corporations will always have control.
    Obey or do without.
    Somebody please disabuse me of this old fashioned belief, if possible.
    It was shown back in the mid 90s that the entire Customs network, then only just starting to use computers widely, could be shut down with a single axe blow in a cable tunnel beneath Pitt St (accessible by dozens of manholes using a bent bit of steel) and the occasional electrocuted squirrel shows the same vulnerability elswhere in the wired west.
    On a lighter note, 30 years after Lennon’s death, his song Nobody Told Me (there’d be days like these) refers to the Great East USA Blackout of 1964 -“..UFOs over NY..”. The usual grand assurances that it couldn’t happen again (like WWI etc) rang hollow in 2003 and similar problems have hit Euroland & Oz due to interlinked grids. That’s ‘only’ electricity – think about the fragility of society when information is equally unavailable. Strange days indeed…

Advertisement

https://www.crikey.com.au/2010/12/09/welcome-to-the-internet-wars/ == https://www.crikey.com.au/free-trial/==https://www.crikey.com.au/subscribe/

Show popup

Telling you what the others don't. FREE for 21 days.

Free Trial form on Pop Up

Free Trial form on Pop Up
  • This field is for validation purposes and should be left unchanged.